OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Peer Stefan (stefan.peertiwag.at)
Date: Tue Apr 30 2002 - 06:22:00 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi,

    > From: Axel Leitner [mailto:axel.leitnermuenchen-mail.de]
    > Hello,
    >
    > I want to filter, secure 110 with authentication, open 25
    > only to relayable
    > hosts, drop all other trying access 25,

    if you know the trusted hosts then it's no problem to open port 25 for them.
    just add the according iptables-rule for each host/subnet ...
    'secure 110' is plain pop3, it is unencrypted and therefore to be regarded
    as insecure. you can activate SSL-encryption via pop3, which is called pop3s
    (it uses port 995).

    > domain blocking is not my intend because blacklists have more
    > disadvantages than the right affect on security.

    black lists may not increase the security of your system, but they do help
    to keep spam away from you. and that's what you asked for.

    >
    > Axel
    >
    > > Why would you use iptables for that? Reasonable MTAs nowadays have
    > > a feature which honors blacklists.
    > > If you want to do the blocking yourself you will need some script
    > > or whatever to collect the IP addresses of spamming hosts - and the
    > > tricky part will be how you know IN ADVANCE if a host will
    > spam you ;-)
    > > By uing blacklists your can increase your chance because a spamming
    > > host will mabye already make it into the blacklist database bofore
    > > he attempts to spam you.
    > >
    > > Hope I made sense ;-)
    > >
    > > Erwin
    > >
    > > ---
    > > Axel Leitner wrote:
    > >
    > > > Hello everybody,
    > > >
    > > > has someone a suggestion how to block unauthorizied spam
    > access with an
    > > > iptables rule thru 25/tcp ?
    > > >
    > > > Bye
    > > >
    > > > Axel
    > > >
    > > >
    > > >
    > >
    > >
    > > --
    > > Erwin Zierler | web- / host- / postmaster - stubainet.at
    > > | erwin.zierlerstubainet.at / webmasterstubainet.at
    > > | Tel.: 0 5225 - 64325 Fax 99 Mobil: 0664 - 130 67 91
    > >
    > >
    > > --
    > > To unsubscribe, e-mail: suse-security-unsubscribesuse.com
    > > For additional commands, e-mail: suse-security-helpsuse.com
    > > Security-related bug reports go to securitysuse.de, not here
    > >
    > >
    >
    >
    > --
    > To unsubscribe, e-mail: suse-security-unsubscribesuse.com
    > For additional commands, e-mail: suse-security-helpsuse.com
    > Security-related bug reports go to securitysuse.de, not here
    > 

    -- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here